rpms/libvirt
6
0
Fork 1
Code Issues Pull Requests Releases Activity
40c0ee63b9
libvirt/libvirt-virNodeDeviceCapVPDFormatCustom-Escape-unsanitized-strings.patch
Jiri Denemark 9ea8eed2bd libvirt-10.0.0-3.el9 
- remote_driver: Restore special behavior of remoteDomainGetBlockIoTune() (RHEL-22800)
- conf: Introduce dynamicMemslots attribute for virtio-mem (RHEL-15316)
- qemu_capabilities: Add QEMU_CAPS_DEVICE_VIRTIO_MEM_PCI_DYNAMIC_MEMSLOTS capability (RHEL-15316)
- qemu_validate: Check capability for virtio-mem dynamicMemslots (RHEL-15316)
- qemu_command: Generate cmd line for virtio-mem dynamicMemslots (RHEL-15316)
- qemu_snapshot: fix detection if non-leaf snapshot isn't in active chain (RHEL-23212)
- qemu_snapshot: create: refactor external snapshot detection (RHEL-22797)
- qemu_snapshot: create: don't require disk-only flag for offline external snapshot (RHEL-22797)
- remoteDispatchAuthPolkit: Fix lock ordering deadlock if client closes connection during auth (RHEL-20337)
- util: virtportallocator: Add VIR_DEBUG statements for port allocations and release (RHEL-21543)
- qemu: migration: Properly handle reservation of manually specified NBD port (RHEL-21543)
- qemuMigrationDstStartNBDServer: Refactor cleanup (RHEL-21543)
- virPCIVPDResourceIsValidTextValue: Adjust comment to reflect actual code (RHEL-22314)
- util: pcivpd: Refactor virPCIVPDResourceIsValidTextValue (RHEL-22314)
- virNodeDeviceCapVPDFormatCustom*: Escape unsanitized strings (RHEL-22314)
- virNodeDeviceCapVPDFormat: Properly escape system-originated strings (RHEL-22314)
- schema: nodedev: Adjust allowed characters in 'vpdFieldValueFormat' (RHEL-22314)
- tests: Test the previously mishandled PCI VPD characters (RHEL-22314)
- Don't overwrite error message from 'virXPathNodeSet' (RHEL-22314)
- tests: virpcivpdtest: Remove 'testVirPCIVPDReadVPDBytes' case (RHEL-22314)
- util: virpcivpd: Unexport 'virPCIVPDReadVPDBytes' (RHEL-22314)
- util: pcivpd: Unexport virPCIVPDParseVPDLargeResourceFields (RHEL-22314)
- tests: virpcivpd: Remove 'testVirPCIVPDParseVPDStringResource' case (RHEL-22314)
- util: virpcivpd: Unexport 'virPCIVPDParseVPDLargeResourceString' (RHEL-22314)
- virPCIVPDResourceGetKeywordPrefix: Fix logging (RHEL-22314)
- util: virpcivpd: Remove return value from virPCIVPDResourceCustomUpsertValue (RHEL-22314)
- conf: virNodeDeviceCapVPDParse*: Remove pointless NULL checks (RHEL-22314)
- virpcivpdtest: testPCIVPDResourceBasic: Remove tests for uninitialized 'ro'/'rw' section (RHEL-22314)
- util: virPCIVPDResourceUpdateKeyword: Remove impossible checks (RHEL-22314)
- conf: node_device: Refactor 'virNodeDeviceCapVPDParseCustomFields' to fix error reporting (RHEL-22314)
- virNodeDeviceCapVPDParseXML: Fix error reporting (RHEL-22314)
- util: virpcivpd: Remove return value from virPCIVPDResourceUpdateKeyword (RHEL-22314)
- virPCIDeviceHasVPD: Refactor "debug" messages (RHEL-22314)
- virPCIDeviceGetVPD: Fix multiple error handling bugs (RHEL-22314)
- virPCIDeviceGetVPD: Handle errors in callers (RHEL-22314)
- virPCIVPDReadVPDBytes: Refactor error handling (RHEL-22314)
- virPCIVPDParseVPDLargeResourceString: Properly report errors (RHEL-22314)
- virPCIVPDParseVPDLargeResourceFields: Merge logic conditions (RHEL-22314)
- virPCIVPDParseVPDLargeResourceFields: Remove impossible 'default' switch case (RHEL-22314)
- virPCIVPDParseVPDLargeResourceFields: Refactor processing of read data (RHEL-22314)
- virPCIVPDParseVPDLargeResourceFields: Refactor return logic (RHEL-22314)
- virPCIVPDParseVPDLargeResourceFields: Report proper errors (RHEL-22314)
- virPCIVPDParse: Do reasonable error reporting (RHEL-22314)
- virt-admin: Add warning when connection to default daemon fails (RHEL-23170)

Resolves: RHEL-15316, RHEL-20337, RHEL-21543, RHEL-22314, RHEL-22797
Resolves: RHEL-22800, RHEL-23170, RHEL-23212
2024-02-08 13:17:07 +01:00

81 lines
3.0 KiB
Diff
Raw Blame History

From 32fe728dafc85c31b34f669b11264967bfc553dd Mon Sep 17 00:00:00 2001
Message-ID: <32fe728dafc85c31b34f669b11264967bfc553dd.1707394627.git.jdenemar@redhat.com>
From: Peter Krempa <pkrempa@redhat.com>
Date: Mon, 29 Jan 2024 15:15:03 +0100
Subject: [PATCH] virNodeDeviceCapVPDFormatCustom*: Escape unsanitized strings
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The custom field data is taken from PCI device data which can contain
any printable characters, and thus must be escaped when putting into
XML.
Originally, based on the comment and XML schema which was fixed in
previous commits the idea seemed to be that the parser would validate
that only characters which don't break the XML would be present but that
didn't seem to materialize.
Switch to proper escaping of the XML.
Fixes: 3954378d06a
Resolves: https://issues.redhat.com/browse/RHEL-22314
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
(cherry picked from commit 5373b8c02ce44d0284bc9c60b3b7bc12bff2f867)
https://issues.redhat.com/browse/RHEL-22314 [9.4.0]
https://issues.redhat.com/browse/RHEL-22400 [9.3.z]
https://issues.redhat.com/browse/RHEL-22399 [9.2.z]
---
src/conf/node_device_conf.c | 25 +++++++++++++++++--------
1 file changed, 17 insertions(+), 8 deletions(-)
diff --git a/src/conf/node_device_conf.c b/src/conf/node_device_conf.c
index 4826be6f42..87c046e571 100644
--- a/src/conf/node_device_conf.c
+++ b/src/conf/node_device_conf.c
@@ -242,23 +242,32 @@ virNodeDeviceCapMdevTypesFormat(virBuffer *buf,
}
static void
-virNodeDeviceCapVPDFormatCustomVendorField(virPCIVPDResourceCustom *field, virBuffer *buf)
+virNodeDeviceCapVPDFormatCustomField(virBuffer *buf,
+ const char *fieldtype,
+ virPCIVPDResourceCustom *field)
{
+ g_auto(virBuffer) attrBuf = VIR_BUFFER_INITIALIZER;
+ g_auto(virBuffer) content = VIR_BUFFER_INITIALIZER;
+
if (field == NULL || field->value == NULL)
return;
- virBufferAsprintf(buf, "<vendor_field index='%c'>%s</vendor_field>\n", field->idx,
- field->value);
+ virBufferAsprintf(&attrBuf, " index='%c'", field->idx);
+ virBufferEscapeString(&content, "%s", field->value);
+
+ virXMLFormatElementInternal(buf, fieldtype, &attrBuf, &content, false, false);
}
static void
-virNodeDeviceCapVPDFormatCustomSystemField(virPCIVPDResourceCustom *field, virBuffer *buf)
+virNodeDeviceCapVPDFormatCustomVendorField(virPCIVPDResourceCustom *field, virBuffer *buf)
{
- if (field == NULL || field->value == NULL)
- return;
+ virNodeDeviceCapVPDFormatCustomField(buf, "vendor_field", field);
+}
- virBufferAsprintf(buf, "<system_field index='%c'>%s</system_field>\n", field->idx,
- field->value);
+static void
+virNodeDeviceCapVPDFormatCustomSystemField(virPCIVPDResourceCustom *field, virBuffer *buf)
+{
+ virNodeDeviceCapVPDFormatCustomField(buf, "system_field", field);
}
static inline void
--
2.43.0
Reference in New Issue View Git Blame Copy Permalink